I am just in the process of putting the final touches to my plone site
before making it public and so I am tightening up security and workflow
(much too late, some might say)...
I have an issue with the visibility of Primagis layers. With the standard
plone workflow if I publish a layer, I automatically also allow an anonymous
user to see the layer definition, which I do not want.
(Anon users still cannot change anything, so it does not really compromise
my site, but I do not like them to see things they should not)
E.g. I have a layer 'counties'. If I make it visible to the anonymous user I
also allow him to open
www.mysite.com/map/counties.
I tested some other sites for this (apologies), such as
http://www.centralfrontenac.com/yc/township/departments/it/maps/map/, which
exhibits the same behaviour, so obviously the normal workflow maybe exposes
more than it should.
One way to make the primagis layer inaccessible would be to give it a
cryptic name ('security' by hiding it in a haystack), obviously a hack,
which I do not like.
I guess the right way is through workflows and I have added a
primagis_workflow, which allows anonymous users to 'view' something, but not
to 'access contents information' (in plone speak). This primagis_workflow
now controls the primagis layers.
I am not too familiar with plone workflows and their implications, so: is
this the right way forward?
The demo hosted at primagis.fi does not seem to exhibit problem, so I
wondered how you did it.
Ludwig